Vulnerabilities (CVE)

Filtered by vendor Grandstream Subscribe

Filtered by product Gxp1610 Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-17564	1 Grandstream	12 Gxp1610, Gxp1610 Firmware, Gxp1615 and 9 more	2020-08-24	7.5 HIGH	9.8 CRITICAL
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.
CVE-2018-17565	1 Grandstream	12 Gxp1610, Gxp1610 Firmware, Gxp1615 and 9 more	2019-10-03	10.0 HIGH	9.8 CRITICAL
Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.